SANS Digital Forensics and Incident Response Blog: Tag - Cellebrite

The row continutes between the Michigan ACLU and the Michigan law enforcement. The Michigan ACLU leveled the charge earlier this week that Michigan law enforement was asking for hundreds of thousands of dollars for records related to the possible forensic imaging of mobile devices using the well-known Cellebrite UFED. Michigan law enforcement has responded. In … Continue reading Michigan TrackerGate: ACLU Speaks

It is not the intent of this blog post to be an all-encompassing guide to the forensic analysis of an iPhone. Rather it is a look at some of the tools I use in my practice and how they can be applied to iPhone forensic analysis. That being said lets get to it.

Why would you use the Cellebrite File System Dump instead of the traditional Extract Phone Data ?

If the subject of your forensic analysis is collecting information regarding the telephone such as call logs, phone book, SMS, pictures, video and audio/music then you will find what you need using the standard Cellebrite processing found under "Extract Phone Data". However if you want to do a deep dive in to the file structure, Internet usage or look deep in to the applications that are being used on the device and perhaps run some of your "favorite forensic tools" against it, I highly recommend complimenting your traditional